To successfully pursue its activities The Reference needs to process personal data about individuals. These can include customers, job seekers, journalists, vendors, suppliers, stakeholders, subcontractors, competitors, Alumni and other people the organization has a relationship with or may need to contact.
The Reference is committed to respect the rights of the people whose personal data is being processed. Therefore, The Reference complies with data protection regulations such as the General Data Protection Regulation (“GDPR”) and national laws of the countries in which it operates.
This privacy statement describes which personal data we collect, why we do it, how long we keep it and the rights you can exercise with regard to your personal data. It applies to all personal data submitted to The Reference via the website, by email, or by any other means.
The Reference NV, registered at 70 Stapelplein, 9000 Ghent (Belgium), under number BE 0474.475.203 (hereinafter: “The Reference”) is the controller, as it determines the means and purposes of the processing of your personal data.
Personal data we collect about you
If possible, we will try to collect the personal data directly from the person concerned. However, it may be necessary to collect personal data from third parties in the context of future relationships (e.g. customers or candidates).
I. Information you provide us:
- contact form filled out by you (website): name, email, company, phone, and message;
- job applications (website or via recruitment company): application forms, CV, interview notes and related recruitment information;
- your feedback
- content of correspondence with us (by email, phone or letters);
- subscription newsletter (website form)
- information from social media when you link to our website (online)
- information relating to your use of our products or services
- contact details of past, present and future customers
- contact details of past, present and future suppliers, vendors, investors or other partners
II. Information we may automatically collect if you visit our website:
- technical information, including IP address, browser type and version
- cookies and other technologies
III. Use of children’s data:
The Reference does not knowingly collect, process or store any personal data about children under the age of 16 and we do not offer any products or services directly to children under the legally allowed age. Where we knowingly have collected data of children, we will delete them immediately by erasing the data completely from our database.
IV. Finally, information collected on our site may be stored and processed into anonymous statistics or log files for internal use, such as traffic and profile analysis.
In general, we may have to process all categories of personal data to comply with applicable legal or regulatory requirements, relevant industry standards and our policies, and for litigation or defence of claims.
- customers’ and prospects’ personal data: We use your personal data for the performance of your contract(s) with The Reference. In particular we process your personal data to deliver and provide our products or services and to invoice them, as well as for the execution and analysis of market surveys and marketing strategies. We also use your contact details to further inform you about our products and services that are in line with our already existing relationship and for marketing such as offering promotions.
- Suppliers’, vendors, customers and partners’ personal data: We process your personal data to conclude and execute our agreements and manage our relationships.
- Job seekers’ data: Your personal data are stored for the recruitment and selection procedures. More specifically, your personal data are processed for the purposes of assessing your profile and skills to fit a job and making you specific job offers.
Subject to your explicit consent, we will use your contact details to send you our newsletter. We also may use the personal data in other ways, for which we provide specific notice at the time of collection.
Retention of your personal data
Your personal data is kept in our information systems only for as long as is necessary for the purposes for which it was collected (as described above). It will be deleted once it is no longer needed by us and once all requirements at law have been met.
We will retain and use your personal data for as long as reasonably necessary to perform our agreements or to consider tenders, to comply with our legal obligations (such as accounting and tax obligations) and to resolve disputes or enforce our agreements. Therefore, your personal data will be held during the duration of our contractual relationship and up to 10 years thereafter.
Application forms (CV’s), interview notes and references of unsuccessful candidates are kept for a period of 2 years following the closure of the hiring process. After that, when we would like to stay in contact with an applicant who was not chosen for the job he/she applied for we will ask for his/her consent to keep the cv in our application pool for another 2 years. This data will be timestamped in the database from the moment of entry, to be able to adequately handle it after the correct period.
In all cases personal data may be kept for a longer period of time where there is a legal or regulatory reason to do so, or a shorter period where the individual objects to the processing of their personal data and there is no longer a legitimate purpose to retain it.
The Reference only processes your personal data if at least one of these grounds applies:
- For the preparation or performance of a contract.
- In order to comply with the legal and regulatory obligations to which we are subject.
- For legitimate business interests, in which case we always seek to strike a balance between that interest and respecting your privacy.
- If none of the above, where we have your explicit consent.
Transfer to third parties
The Reference does not transfer your personal data to third parties, except:
- to our legal successors and affiliated companies within Emakina Group, for the same purposes as specified in this Privacy Statement.
- to subcontractors and third parties for the purpose of the performance of a contract that we hold with them or that we hold with you.
- to third party service providers who perform services on our behalf to help us with our business activities. These service providers are limited to only using your personal data as instructed to carry out their tasks.
- when permitted or required by applicable law or regulatory requirements.
- to law enforcement authorities or other government officials.
- to other third parties with your consent. In this case, the consent will be explicitly asked when you enter or send your data.
THE REFERENCE shall in no case be liable, if it proves that it is not responsible for the event giving rise to the damage.
Transfer to third countries
When we transfer your personal data to other countries, outside of the European Economic Area, The Reference will take measures to ensure that your personal data is exclusively processed in accordance with this Privacy Statement and that adequate levels of protection have been implemented in order to safeguard your personal data. These arrangements can include Binding Corporate Rules for transfers within the Emakina Group, standard contractual clauses or approved certification mechanisms.
In accordance with the GDPR, The Reference will respond to your requests in the GDPR mandated time to exercise following rights:
- Right to be informed: The Reference is transparent by providing you any information relating to the processing of your personal data via this privacy statement or specific information notices at the time of collection.
- Right to access: You have the right to request a copy of the personal data that The Reference holds about you. We may require proof of identity before fulfilling such requests.
- Right to rectification: If the personal data that The Reference holds about you is inaccurate or incomplete, you have the right to ask us to update or rectify it.
- Right to be forgotten: You have the right to request The Reference to erase all your personal data. We will delete your personal data without undue delay if we do not have any legal reason or legitimate purpose to continue to process it.
- Right to restrict processing: In some specific cases, you have the right to ask The Reference to restrict how we process your personal data. This means we are permitted to store the data but not further process it.
- Right to data portability: This right only applies to personal data that you have provided to The Reference, based on consent or for the performance of a contract. The Reference will provide your personal data in a structured, commonly used and machine-readable format to be able to transmit it to another controller, or have it directly transmitted by The Reference if technically feasible.
- Right to object: You have the right to object to the processing of your personal data if the processing is based on the legitimate interest of The Reference or on public interest. The Reference will discontinue the processing of your personal data, unless we can demonstrate compelling legitimate grounds for the processing which override your interests or rights, or for the establishment, exercise or defence of legal claims.
- Right to withdraw consent: Where your consent was required for the collection or use of your personal data, you have the right to withdraw your consent at any time. For example, you may choose to stop receiving our newsletter by following the unsubscribe instructions included in the emails.
- Right to lodge a complaint: You have the right to lodge a complaint with the supervisory authority (in Belgium: Gegevensbeschermingsautoriteit) if you consider that the processing of your personal data infringes this Privacy Statement or the GDPR.
You can exercise your rights by sending a request by email to firstname.lastname@example.org or by post to The Reference, Stapelplein 70, 9000 Ghent, Belgium.
The Reference has security policies and procedures in place to protect your personal data from unauthorized loss, misuse, alteration or destruction. Despite our best efforts, however, security cannot be absolutely guaranteed against all threats.
To the best of our ability, The Reference has taken steps to ensure the ongoing confidentiality, integrity, availability, and resilience of systems and services processing personal information. These actions may include physical security measures, network security measures, and organizational measures such as confidentiality clauses and restricted access.
Changes to our Privacy Statement
The Reference may change this Privacy Statement from time to time to reflect new legal or regulatory obligations, or in response to new data processing activities. Where the changes are significant we may choose to send an e-mail to all our registered users with the new details. Any such changes will be posted here and will be effective from the time they are communicated, or, if required, when we have obtained your consent. We advise you to check back frequently to see any updates or changes. This Privacy Statement was last reviewed June 28, 2021.